Solved Printing from firewall DMZ to internal LAN IP printer??

June 29, 2012 at 15:25:00
Specs: Windows 7
I am trying to protect the computing assets on a perimeter firewalled / protected LAN from visiting laptops while still permitting the laptops wifi internet access and printing priviledges on the LAN's networked HP printer

To do that I was thinking of setting up a computer as a dedicated firewall with 3 NICs (external internet, internal LAN and a DMZ for a Guest wifi router for use by the visiting laptops). (Will probably use free Untangle Firewall software software or such on the dedicated firewall computer).

What I can't figure out is the firewall's topology, IP ranges and rules / forwarding that would permit such laptop operation.

I would think it would be a common need for small offices but can't find much material on the subject.

I do understand that such would slightly weaken the firewall but feel that I would gain more security overall.

Please tell me if there an easier way to do this: with a 4th NIC / zone or perhaps by putting an additional dedicated IP printer somewhere else in the topology.

thanks in advance,


See More: Printing from firewall DMZ to internal LAN IP printer??

Report •

June 29, 2012 at 16:06:34
✔ Best Answer
guest network should be segmented from the business network.
It should have its own printer.

most small offices don't provide guest internet access or if they do its a completely different network than the business network.

at least those that know better. I have seen guest networks tied to business networks.

Another way of accomplishing this is with two routers. Guest router is the main router. Business router is off the guest router. Both get internet but guest can't access business.

Best way to accomplish this is to use a vlan switch off the main router.
You set the internet connected port going to the router for both business and guess network. Guest network router off the switch gives dhcp/internet to all guests. Guest vlan has no contact with business network.

Note that the main router is not a wifi router just a plain router. If you do wifi to business then you defeated the purpose. If you want wifi for business then you need three routers; main, business router and guest router.

You would still need to put a printer on the guest network as well as provide them with the printer install.

Answers are only as good as the information you provide.
How to properly post a question:
Sorry no tech support via PM's

Report •
Related Solutions

Ask Question